You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Cannot remove ScorpionSaver virus from my PC

I looked online for solutions, going from unchecking "Hide protected system files (Recommended)" in the Folder Options and doing a manual uninstall under Uninstall a Program (which only resulted in it having a corrupted Use Source in which it says cannot uninstall due to an incomplete file location due to a network resource which is unavalable, which I do not know if that was intentional on part of the original creator to prevent easy removal), to trying to force it clean using adwcleaner (which did nothing at all). Registry Editing for the exact source proved futile.

Task Manager does not show it running at all under processes. And perodicically, ESET Smart Security 5 would go about fits on blocking the executable from running, repeatedly.

So what should I do about this to permanantly delete the file from my PC?

ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

When the scan completes, click List Threats

Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.

Click the Back button.

Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

System errors:
=============
Error: (12/19/2013 11:29:48 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (12/19/2013 11:29:48 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (12/19/2013 11:26:29 AM) (Source: Service Control Manager) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.

Error: (12/19/2013 11:09:02 AM) (Source: Service Control Manager) (User: )
Description: The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).

Error: (12/19/2013 11:08:47 AM) (Source: Service Control Manager) (User: )
Description: The Level Quality Watcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.

Error: (12/19/2013 11:07:48 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

CodeIntegrity Errors:
===================================
Date: 2012-02-25 21:16:28.571
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-02-25 21:16:28.551
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.

Double-click on the renamed file to install, then follow these instructions

for doing a Quick Scan in normal mode.

Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.

If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

After completing the scan, a log report will open in Notepad.

The log is automatically saved and can be viewed by clicking the Logs tab .

Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.

Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware. -- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

How is it now?

Edited by boopme, 21 December 2013 - 10:47 AM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

◾When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.◾Make sure that everything is checked and then click Remove Selected.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

◾When the scan is complete, click OK, then click the Show Results button to see a list of any malware that was found.◾Make sure that everything is checked and then click Remove Selected.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook